Tag Archives: Data Security

CNIL imposes hefty sanction on French company under GDPR

On May 28 2019, the French data protection authority Commission nationale de l’informatique et des libertés (CNIL) imposed a €400,000 fine on French property management company Sergic for neglecting to maintain the security of and to limit the storage of personal data. This is the first sanction imposed on a French company under the General … Continue Reading

French Council of State Confirms GDPR Sanction, Lowers Penalty Fee

Following a recent data breach, Optical Center has been fined 250,000 euros by The Commission nationale de l’informatique et des libertés (CNIL). The website breach allowed public access to invoices, purchase orders, and personal data of customers. On appeal, the French Highest administrative Court (Council of State) lowered the penalty to 200,000 euros. The reduction … Continue Reading

A Brave New World? The “French Sunshine Act” imposes online disclosure of contracts with HCPs, as well as of payments of “advantages” to HCPs, dating back to 01 January 2012

In probably one the longest-awaited decrees in recent French regulation, the French Ministry of Health published on 22 May 2013, the application decree to the French Sunshine Act (dated 29 December 2011) implementing the specific ways and means that health care companies must disclose agreements with health care practitioners (“HCPs”), a term that includes medical … Continue Reading

Defense Contractors Are Now Subject to Notice Requirements for Hacked Systems

This post was written by Gunjan Talati and Timothy Nagle. The 2013 National Defense Authorization Act (“NDAA”) became the law of the land in early January. This NDAA contains a notice requirement that follows the government trend of the past few years of being required to tattle on yourself. Specifically, the NDAA directs the Department … Continue Reading

New Proposed Rules Require Government Contractors to Safeguard Information Systems, but What do They Really Change?

This post was written by Timothy J. Nagle and Gunjan Talati. On Friday, August 24, the Federal Acquisition Regulation (“FAR”) Council issued a proposed rule that adds a subpart and contract clause to the FAR that would force government contractors to implement basic information-systems safeguards for any non-public information that is provided by or generated … Continue Reading

Regulatory Round Up 8.16.11

Election cycle 2012, now featuring the candidate specific Super PAC. I’ve made Clint Eastwood references in these pages before, and while I hate to repeat myself, this article on the DoD Inspector General audit is literally called The Good, The Bad and The Ugly. If the Brookings Institute can’t wrap their collective heads around cloud … Continue Reading
LexBlog